xlsx
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to run a local script,
recalc.py, to perform spreadsheet formula recalculation via command-line execution. - [PROMPT_INJECTION]: The skill interacts with untrusted external spreadsheet files, creating a vulnerability to indirect prompt injection.
- Ingestion points: Data is read from XLSX, XLSM, CSV, and TSV files using libraries like
pandasandopenpyxl(SKILL.md). - Boundary markers: There are no defined boundary markers or system instructions to ignore potentially malicious embedded text within the spreadsheets.
- Capability inventory: The skill possesses the ability to execute code, write files, and run shell commands, which could be exploited if malicious data is interpreted as instructions.
- Sanitization: The instructions do not include any steps for sanitizing or validating spreadsheet content before the agent analyzes or acts upon it.
Audit Metadata